This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft File: Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json) Hash identifier: LEkvV/dC8w5XX25BbcmQ2xJz8bOQVjOifrqdUFXPfSg= Subject key identifier: 20:4D:A6:7A:28:4E:20:CD:7F:FD:AD:03:C0:60:58:54:79:87:59:16 Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0 Certificate issuer: /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0 Certificate serial: 019AF50A9F607C6FBDF5A0DCB8B0CBA9CDBB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft Manifest number: 0814 Signing time: Sat 06 Dec 2025 19:01:45 +0000 Manifest this update: Sat 06 Dec 2025 19:01:45 +0000 Manifest next update: Sun 07 Dec 2025 19:01:45 +0000 Files and hashes: 1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: TFdOCD9txgHHeGuQjO0F7inBTqSI2STTvB0NK4kalG4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:9f:60:7c:6f:bd:f5:a0:dc:b8:b0:cb:a9:cd:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0 Validity Not Before: Dec 6 19:01:45 2025 GMT Not After : Dec 7 19:01:45 2025 GMT Subject: CN=204da67a284e20cd7ffdad03c060585479875916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:8f:b7:b7:63:2c:2d:4e:73:3a:9c:f2:71:ca: 52:13:97:e7:21:c0:46:a0:c2:89:92:1d:af:97:cd: 78:35:06:41:b1:a6:ed:31:e3:e8:43:44:e7:3e:bb: e5:0d:af:a8:58:74:d7:b1:6c:57:e3:69:06:15:30: 34:b0:82:67:a0:bb:58:ed:79:bc:76:2e:44:7c:cd: 8c:5d:59:54:a0:47:5d:59:8d:48:f4:52:d4:31:0a: ae:62:39:5f:7c:1d:74:4a:f1:5e:b8:91:5e:e5:7a: cb:e7:19:26:57:83:37:cf:c1:3d:dd:03:62:d2:68: b3:30:ff:ca:f7:ce:03:e9:22:a0:8b:f6:e4:82:e6: c9:f1:f7:62:2e:4e:07:12:c4:9b:cb:a4:43:19:c4: ef:94:30:de:67:96:99:5f:fb:25:6c:4f:5f:fa:81: 78:4b:e4:4e:e1:bf:14:a5:a4:77:8e:95:a3:48:de: d3:93:dd:c3:05:c9:d9:4f:4a:11:fd:48:9b:47:70: 93:f3:b8:6a:7e:3f:37:1e:a7:52:17:be:ff:28:bd: 95:97:fa:3a:5b:6c:40:ce:90:8e:7a:c0:cc:4a:c9: 87:de:39:d6:06:8e:54:14:b4:df:59:66:64:b2:a6: 2e:ae:1d:ae:85:03:d7:8e:4d:2e:8f:cc:6f:63:9a: 59:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:4D:A6:7A:28:4E:20:CD:7F:FD:AD:03:C0:60:58:54:79:87:59:16 X509v3 Authority Key Identifier: keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:3d:73:07:9a:45:da:c7:ac:fd:b2:d9:35:d9:f1:ce:79:9a: 9e:5e:b2:10:f8:ab:f8:21:13:3b:85:81:09:f2:6d:46:f6:7f: 33:b4:44:53:6b:0e:b4:a4:0c:cc:81:24:7e:5d:90:90:02:ab: aa:2e:a7:7a:44:2b:50:a9:48:aa:87:b1:de:b2:fe:e3:b1:6f: 23:ce:19:63:b0:3c:ae:b1:1a:a7:b8:88:21:ec:d4:55:6b:31: e9:d9:35:64:32:7d:07:56:28:a4:3e:11:45:e1:20:78:14:f4: 48:ed:fc:19:59:74:c0:39:58:ff:70:bf:e4:d7:74:70:09:d1: cf:06:ee:e6:62:9d:b5:0f:d7:08:ce:cc:95:32:dd:38:3e:9f: ee:32:8d:a9:e0:80:f1:d3:ff:bb:e2:4f:7e:74:71:cc:9f:8b: 7c:1c:21:aa:25:e3:55:15:4e:29:22:8c:9e:da:87:fa:6f:dd: a2:af:d8:ee:82:3a:ce:9a:c9:26:62:1a:7a:3a:54:06:bf:5f: 0c:86:3c:ee:28:d2:6d:a6:11:d7:f2:1c:38:4b:43:24:c7:d3: ee:4f:24:d1:3a:be:b4:97:11:b8:2f:41:15:8f:4d:86:75:7c: 66:d9:17:b3:ce:f2:82:8c:dc:e6:ce:e7:55:e2:ec:e7:fd:cb: 6d:ce:b6:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cp9gfG+99aDcuLDLqc27MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm MTY0YzAwHhcNMjUxMjA2MTkwMTQ1WhcNMjUxMjA3MTkwMTQ1WjAzMTEwLwYDVQQD EygyMDRkYTY3YTI4NGUyMGNkN2ZmZGFkMDNjMDYwNTg1NDc5ODc1OTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4+3t2MsLU5zOpzyccpSE5fnIcBG oMKJkh2vl814NQZBsabtMePoQ0TnPrvlDa+oWHTXsWxX42kGFTA0sIJnoLtY7Xm8 di5EfM2MXVlUoEddWY1I9FLUMQquYjlffB10SvFeuJFe5XrL5xkmV4M3z8E93QNi 0mizMP/K984D6SKgi/bkgubJ8fdiLk4HEsSby6RDGcTvlDDeZ5aZX/slbE9f+oF4 S+RO4b8UpaR3jpWjSN7Tk93DBcnZT0oR/UibR3CT87hqfj83HqdSF77/KL2Vl/o6 W2xAzpCOesDMSsmH3jnWBo5UFLTfWWZksqYurh2uhQPXjk0uj8xvY5pZwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCBNpnooTiDNf/2tA8BgWFR5h1kWMB8GA1UdIwQY MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5 LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACT1zB5pF 2ses/bLZNdnxznmanl6yEPir+CETO4WBCfJtRvZ/M7REU2sOtKQMzIEkfl2QkAKr qi6nekQrUKlIqoex3rL+47FvI84ZY7A8rrEap7iIIezUVWsx6dk1ZDJ9B1YopD4R ReEgeBT0SO38GVl0wDlY/3C/5Nd0cAnRzwbu5mKdtQ/XCM7MlTLdOD6f7jKNqeCA 8dP/u+JPfnRxzJ+LfBwhqiXjVRVOKSKMntqH+m/doq/Y7oI6zprJJmIaejpUBr9f DIY87ijSbaYR1/IcOEtDJMfT7k8k0Tq+tJcRuC9BFY9NhnV8ZtkXs87ygozc5s7n VeLs5/3Lbc62nQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:41:32 2025 by rpki-client